

<!DOCTYPE html>
<html lang="zh-CN">

<head>
  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
  <meta http-equiv="X-UA-Compatible" content="ie=edge">
  <title>Rinetd and kippo integration experiment - TXXJ</title>
  <meta name="apple-mobile-web-app-capable" content="yes" />
  <meta name="apple-mobile-web-app-status-bar-style" content="black-translucent">
  <meta name="google" content="notranslate" />

  
  
  <meta name="description" content="Rinetd and kippo integration experiment. Rinetd is a..."> 
  
  <meta name="author" content="TXXJ"> 

  
    <link rel="icon" href="/images/icons/favicon-16x16.png" type="image/png" sizes="16x16">
  
  
    <link rel="icon" href="/images/icons/favicon-32x32.png" type="image/png" sizes="32x32">
  
  
    <link rel="apple-touch-icon" href="/images/icons/apple-touch-icon.png" sizes="180x180">
  
  
    <meta rel="mask-icon" href="/images/icons/stun-logo.svg" color="#333333">
  
  
    <meta rel="msapplication-TileImage" content="/images/icons/favicon-144x144.png">
    <meta rel="msapplication-TileColor" content="#000000">
  

  
<link rel="stylesheet" href="/css/style.css">


  
  
<link rel="stylesheet" href="//at.alicdn.com/t/font_1445822_h1619vhl1nr.css">

  

  
  
  
<link rel="stylesheet" href="https://cdn.bootcss.com/fancybox/3.5.7/jquery.fancybox.min.css">

  

  
  
  
<link rel="stylesheet" href="https://cdn.bootcss.com/highlight.js/9.18.1/styles/xcode.min.css">

  

  <script>
    var CONFIG = window.CONFIG || {};
    var ZHAOO = window.ZHAOO || {};
    CONFIG = {
      isHome: false,
      fancybox: true,
      pjax: true,
      lazyload: {
        enable: true,
        loadingImage: '',
      },
      donate: {
        enable: true,
        alipay: 'https://pic.izhaoo.com/alipay.jpg',
        wechat: 'https://pic.izhaoo.com/wechat.jpg'
      },
      motto: {
        api: '',
        default: '我在开了灯的床头下，想问问自己的心啊。'
      },
      galleries: {
        enable: true
      },
      fab: {
        enable: true,
        alwaysShow: false
      },
      carrier: {
        enable: true
      },
      daovoice: {
        enable: true
      }
    }
  </script>

  

  
<meta name="generator" content="Hexo 5.2.0"></head>
<body class="lock-screen">
  <div class="loading"></div>
  


<nav class="navbar">
  <div class="left"></div>
  <div class="center">Rinetd and kippo integration experiment</div>
  <div class="right">
    <i class="iconfont iconmenu j-navbar-menu"></i>
  </div>
</nav>

  <nav class="menu">
  <div class="menu-wrap">
    <div class="menu-close">
      <i class="iconfont iconbaseline-close-px"></i>
    </div>
    <ul class="menu-content">
      
      
      
      
      <li class="menu-item"><a href="/ " class="underline"> Home</a></li>
      <li class="menu-item"><a href="/galleries " class="underline"> Gallery</a></li>
      <li class="menu-item"><a href="/archives " class="underline"> Archives</a></li>
      <li class="menu-item"><a href="/tags " class="underline"> Tags</a></li>
      <li class="menu-item"><a href="/categories " class="underline"> Categories</a></li>
      <li class="menu-item"><a href="/about " class="underline"> About</a></li>
      
    </ul>
    <div class="menu-copyright"><p>Powered by <a target="_blank" href="https://hexo.io">Hexo</a>  |  Theme - <a target="_blank" href="https://github.com/izhaoo/hexo-theme-zhaoo">zhaoo</a></p></div>
  </div>
</nav>
  <main id="main">
  <div class="container" id="container">
    <article class="article">
  <div class="wrap">
    <section class="head">
  <img   class="lazyload" data-original="/images/theme/post-image.jpg" src=""  draggable="false">
  <div class="head-mask">
    <h1 class="head-title">Rinetd and kippo integration experiment</h1>
    <div class="head-info">
      <span class="post-info-item"><i class="iconfont iconcalendar"></i>November 24, 2020</span>
      
      <span class="post-info-item"><i class="iconfont iconfont-size"></i>979</span>
    </div>
  </div>
</section>
    <section class="main">
      <section class="content">
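        <h1 id="Rinetd-联动-kippo-实验"><a href="#Rinetd-联动-kippo-实验" class="headerlink" title="Rinetd and kippo integration experiment"></a>Rinetd and kippo integration experiment</h1><p>Rinetd is a port-forwarding tool for Linux. I use it here in combination with kippo, which is what produces the honeypot effect.</p>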
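<p>Test setup:</p>
<ol>
<li><p>PC1: change the SSH service port and enable port forwarding, so that port 22 is forwarded to port 2222 on PC2.</p>
</li>
<li><p>PC2: run the kippo honeypot on port 2222 and store its logs in a database.</p>
</li>
</ol>
<p>Steps:</p>
<blockquote>
<ul>
<li> Download and install rinetd</li>
<li> Change the SSH listening port</li>
<li>  Configure the port-forwarding rule</li>
</ul>
</blockquote>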
<h4 id="下载安装rinetd"><a href="#下载安装rinetd" class="headerlink" title="Download and install rinetd"></a>Download and install rinetd</h4><figure class="highlight properties"><table><tr><td class="code"><pre><code class="hljs properties"><span class="hljs-comment"># Install the compiler and git</span><br><span class="hljs-attr">yum</span> <span class="hljs-string">-y install gcc git</span><br><span class="hljs-comment"># Create a working directory and fetch the source</span><br><span class="hljs-attr">mkdir</span> <span class="hljs-string">-p /test</span><br><span class="hljs-attr">cd</span> <span class="hljs-string">/test</span><br><span class="hljs-attr">git</span> <span class="hljs-string">clone https://gitee.com/maoren/rinetd.git</span><br><span class="hljs-attr">cd</span> <span class="hljs-string">rinetd</span><br><span class="hljs-comment"># Replace the constant 65536 with 65535 in rinetd.c before building</span><br><span class="hljs-attr">sed</span> <span class="hljs-string">-i &#x27;s/65536/65535/g&#x27; rinetd.c</span><br><span class="hljs-comment"># Make sure /usr/man exists before make install</span><br><span class="hljs-attr">mkdir</span> <span class="hljs-string">-p /usr/man</span><br><span class="hljs-attr">make</span><br><span class="hljs-attr">make</span> <span class="hljs-string">install</span><br></code></pre></td></tr></table></figure>
<h4 id="配置SSH-启动端口"><a href="#配置SSH-启动端口" class="headerlink" title="Configure the SSH listening port"></a>Configure the SSH listening port</h4><figure class="highlight properties"><table><tr><td class="code"><pre><code class="hljs properties"><span class="hljs-attr">vim</span> <span class="hljs-string">/etc/ssh/sshd_config</span><br><span class="hljs-comment"># Change the Port directive</span><br><span class="hljs-attr">Port</span> <span class="hljs-string">2223</span><br><span class="hljs-comment"># Update SELinux, otherwise the ssh service will not start</span><br><span class="hljs-comment"># Install the tool used to change the policy</span><br><span class="hljs-attr">yum</span> <span class="hljs-string">install -y policycoreutils-python.x86_64</span><br><span class="hljs-comment"># List the SSH ports SELinux currently allows</span><br><span class="hljs-attr">semanage</span> <span class="hljs-string">port -l | grep ssh</span><br><span class="hljs-attr">semanage</span> <span class="hljs-string">port -a -t ssh_port_t -p tcp 2223</span><br><span class="hljs-attr">semanage</span> <span class="hljs-string">port -l | grep ssh</span><br><span class="hljs-attr">service</span> <span class="hljs-string">sshd restart  # restart the ssh service</span><br></code></pre></td></tr></table></figure>
<h4 id="配置端口转发规则"><a href="#配置端口转发规则" class="headerlink" title="Configure the port-forwarding rule"></a>Configure the port-forwarding rule</h4><figure class="highlight apache"><table><tr><td class="code"><pre><code class="hljs apache"><span class="hljs-attribute">vim</span> /etc/rinetd.conf<br><span class="hljs-comment"># Add the address to forward</span><br><span class="hljs-attribute">0</span>.<span class="hljs-number">0</span>.<span class="hljs-number">0</span>.<span class="hljs-number">0</span> <span class="hljs-number">22</span> pc<span class="hljs-number">2</span> <span class="hljs-number">2222</span><br><span class="hljs-comment"># (local IP) (local port) (target address) (target port)</span><br></code></pre></td></tr></table></figure>

<h4 id="启动服务"><a href="#启动服务" class="headerlink" title="Start the service"></a>Start the service</h4><figure class="highlight awk"><table><tr><td class="code"><pre><code class="hljs awk">rinetd -d <span class="hljs-regexp">/etc/</span>rinetd.conf<br># Start rinetd at boot<br>echo rinetd &gt;&gt; <span class="hljs-regexp">/etc/</span>rc.local<br></code></pre></td></tr></table></figure>
<p>Check the listening ports:</p>
<figure class="highlight ebnf"><table><tr><td class="code"><pre><code class="hljs ebnf"><span class="hljs-attribute">netstat -nap</span><br></code></pre></td></tr></table></figure>
<p><img   class="lazyload" data-original="/Rinetd%E8%81%94%E5%8A%A8kippo%E5%AE%9E%E9%AA%8C/net.png" src=""  alt="image"></p>
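<p>The PC1 side of this setup fails if sshd is still bound to the port that rinetd forwards. The check below is an added example, not part of the original post: the function names are hypothetical, it handles numeric TCP rules only, and the files written by <code>demo</code> are constructed samples.</p>

```shell
# Added example (not from the original post): pre-flight check for PC1.

# Ports sshd will listen on; OpenSSH defaults to 22 when no Port line exists.
sshd_ports() {
  awk '{ sub(/#.*/, ""); gsub(/=/, " ") }
       tolower($1) == "port" && $2 ~ /^[0-9]+$/ { print $2; found = 1 }
       END { if (!found) print 22 }' "$1"
}

# Numeric TCP forwarding rules: bind_addr bind_port target_addr target_port.
rinetd_rules() {
  awk '{ sub(/#.*/, "") }
       NF == 4 && $2 ~ /^[0-9]+$/ && $4 ~ /^[0-9]+$/ { print $1, $2, $3, $4 }' "$1"
}

# Usage: check_honeypot_forward RINETD_CONF SSHD_CONFIG
# Returns 0 when every rule is valid and no bind port collides with sshd.
check_honeypot_forward() {
  rules=$(rinetd_rules "$1")
  [ -n "$rules" ] || { echo "FAIL: no forwarding rule in $1"; return 1; }
  listen=$(sshd_ports "$2")
  echo "$rules" | (
    status=0
    while read -r baddr bport taddr tport; do
      for p in "$bport" "$tport"; do
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
          echo "FAIL: port $p is out of range"; status=1
        fi
      done
      if echo "$listen" | grep -qx "$bport"; then
        echo "FAIL: sshd still listens on $bport, rinetd cannot bind $baddr:$bport"; status=1
      else
        echo "OK: $baddr:$bport -> $taddr:$tport"
      fi
    done
    exit "$status"   # leaves only the subshell; becomes the function's status
  )
}

demo() {
  d=$(mktemp -d)
  echo '0.0.0.0 22 pc2 2222' > "$d/rinetd.conf"   # the rule from this post
  echo 'Port 2223' > "$d/sshd_moved"              # after the SSH port change
  echo '#Port 22' > "$d/sshd_default"             # stock config, sshd on 22
  check_honeypot_forward "$d/rinetd.conf" "$d/sshd_moved"
  check_honeypot_forward "$d/rinetd.conf" "$d/sshd_default" || true
  rm -rf "$d"
}
demo
```

<p>Because rinetd relays connections at the TCP level, kippo on PC2 sees PC1 as the client of every session; the <code>logfile</code> directive in rinetd.conf keeps the real source addresses on PC1.</p>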
<h4 id="进行测试"><a href="#进行测试" class="headerlink" title="Testing"></a>Testing</h4><p>Connect over SSH from PC3<br><img   class="lazyload" data-original="/Rinetd%E8%81%94%E5%8A%A8kippo%E5%AE%9E%E9%AA%8C/a.png" src=""  alt="image"></p>
<p>Log in to PC2 and check the honeypot logs<br><img   class="lazyload" data-original="/Rinetd%E8%81%94%E5%8A%A8kippo%E5%AE%9E%E9%AA%8C/b.png" src=""  alt="image"></p>
<p>– End of experiment  –</p>
<p>This experiment shows that the kippo honeypot still has some shortcomings:</p>
<ol>
<li>Few system commands are available</li>
<li>Typing exit inside the honeypot does not actually exit</li>
</ol>

      </section>
      <section class="extra">
        
        <ul class="copyright">
  
  <li><strong>Author: </strong>TXXJ</li>
  <li><strong>Link: </strong><a href="https://txxj.github.io/Rinetd%E8%81%94%E5%8A%A8kippo%E5%AE%9E%E9%AA%8C/index.html">https://txxj.github.io/Rinetd%E8%81%94%E5%8A%A8kippo%E5%AE%9E%E9%AA%8C/index.html</a></li>
  <li><strong>License: </strong>All articles on this blog are licensed under<a href="https://creativecommons.org/licenses/by-nc-sa/4.0/deed.zh"
      rel="external nofollow" target="_blank"> BY-NC-SA </a>; please credit the source when reposting!</li>
  
</ul>
        
        
        
        
  <ul class="tag-list" itemprop="keywords"><li class="tag-list-item"><a class="tag-list-link" href="/tags/Linux-%E6%9C%8D%E5%8A%A1/" rel="tag">Linux services</a></li></ul>

        
<nav class="nav">
  
    <a href="/DC-1%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95/"><i class="iconfont iconleft"></i>DC:1 penetration test</a>
  
  
    <a href="/kippo%E6%90%AD%E5%BB%BA/">kippo setup<i class="iconfont iconright"></i></a>
  
</nav>

      </section>
      
      
    </section>
  </div>
</article>
  </div>
</main>
  
  
</body>


<script src="https://cdn.bootcss.com/jquery/3.4.1/jquery.min.js"></script>






<script src="https://cdn.bootcdn.net/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js"></script>






<script src="https://cdn.bootcss.com/fancybox/3.5.7/jquery.fancybox.min.js"></script>






<script src="https://cdn.bootcss.com/jquery.pjax/2.0.1/jquery.pjax.min.js"></script>




<script src="/js/utils.js"></script>
<script src="/js/modules.js"></script>
<script src="/js/zui.js"></script>
<script src="/js/script.js"></script>















</html>